Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-05-06YoroiLuigi Martire, Davide Testa, Luca Mella
@online{martire:20200506:new:4e0c27b, author = {Luigi Martire and Davide Testa and Luca Mella}, title = {{New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain}}, date = {2020-05-06}, organization = {Yoroi}, url = {https://yoroi.company/research/new-cyber-operation-targets-italy-digging-into-the-netwire-attack-chain/}, language = {English}, urldate = {2021-06-16} } New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain
NetWire RC
2020-04-28YoroiAntonio Pirozzi, Luigi Martire, Pierluigi Paganini
@online{pirozzi:20200428:outlaw:e4da556, author = {Antonio Pirozzi and Luigi Martire and Pierluigi Paganini}, title = {{Outlaw is Back, a New Crypto-Botnet Targets European Organizations}}, date = {2020-04-28}, organization = {Yoroi}, url = {https://yoroi.company/research/outlaw-is-back-a-new-crypto-botnet-targets-european-organizations/}, language = {English}, urldate = {2021-06-16} } Outlaw is Back, a New Crypto-Botnet Targets European Organizations
Cpuminer PerlBot
2020-03-19YoroiMarco Ramilli
@online{ramilli:20200319:is:bc75e96, author = {Marco Ramilli}, title = {{Is APT 27 Abusing COVID-19 To Attack People ?!}}, date = {2020-03-19}, organization = {Yoroi}, url = {https://marcoramilli.com/2020/03/19/is-apt27-abusing-covid-19-to-attack-people/}, language = {English}, urldate = {2020-05-02} } Is APT 27 Abusing COVID-19 To Attack People ?!
2020-03-02YoroiZLAB-Yoroi
@online{zlabyoroi:20200302:karkoff:a43fe0f, author = {ZLAB-Yoroi}, title = {{Karkoff 2020: a new APT34 espionage operation involves Lebanon Government}}, date = {2020-03-02}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/karkoff-2020-a-new-apt34-espionage-operation-involves-lebanon-government/}, language = {English}, urldate = {2020-03-03} } Karkoff 2020: a new APT34 espionage operation involves Lebanon Government
Karkoff
2020-02-21YoroiLuigi Martire, Pietro Melillo, Antonio Pirozzi
@online{martire:20200221:transparent:eb18469, author = {Luigi Martire and Pietro Melillo and Antonio Pirozzi}, title = {{Transparent Tribe: Four Years Later}}, date = {2020-02-21}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/transparent-tribe-four-years-later}, language = {English}, urldate = {2020-03-06} } Transparent Tribe: Four Years Later
Crimson RAT
2020-02-19YoroiMarco Ramilli
@online{ramilli:20200219:uncovering:4f04cd0, author = {Marco Ramilli}, title = {{Uncovering New Magecart Implant Attacking eCommerce}}, date = {2020-02-19}, organization = {Yoroi}, url = {https://marcoramilli.com/2020/02/19/uncovering-new-magecart-implant-attacking-ecommerce/}, language = {English}, urldate = {2020-02-20} } Uncovering New Magecart Implant Attacking eCommerce
magecart
2020-02-17YoroiYoroi
@online{yoroi:20200217:cyberwarfare:5b28cf2, author = {Yoroi}, title = {{Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign}}, date = {2020-02-17}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/cyberwarfare-a-deep-dive-into-the-latest-gamaredon-espionage-campaign/}, language = {English}, urldate = {2020-02-20} } Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign
Pteranodon
2020-01-27YoroiLuigi Martire, Luca Mella
@online{martire:20200127:aggah:9ed3380, author = {Luigi Martire and Luca Mella}, title = {{Aggah: How to run a botnet without renting a Server (for more than a year)}}, date = {2020-01-27}, organization = {Yoroi}, url = {https://yoroi.company/research/aggah-how-to-run-a-botnet-without-renting-a-server-for-more-than-a-year/}, language = {English}, urldate = {2021-06-16} } Aggah: How to run a botnet without renting a Server (for more than a year)
LokiBot Azorult
2020-01-14YoroiYoroi
@online{yoroi:20200114:analysis:d5eb291, author = {Yoroi}, title = {{Analysis Run}}, date = {2020-01-14}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5e1d77b371ef016089703d1a/5e1d79d7d1cc4993da62f24f/overview}, language = {English}, urldate = {2020-01-14} } Analysis Run
BitPyLock
2019-12-27YoroiYoroi
@online{yoroi:20191227:analysis:51fe39c, author = {Yoroi}, title = {{Analysis Run}}, date = {2019-12-27}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5e1d7b06c21640608183de58/5e1d7b09d1cc4993da62f261/overview}, language = {English}, urldate = {2020-01-14} } Analysis Run
Yarraq
2019-12-20YoroiAntonio Farina, Luca Mella, Antonio Pirozzi
@online{farina:20191220:unveiling:0abaa1d, author = {Antonio Farina and Luca Mella and Antonio Pirozzi}, title = {{Unveiling JsOutProx: A New Enterprise Grade Implant}}, date = {2019-12-20}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/unveiling-jsoutprox-a-new-enterprise-grade-implant/}, language = {English}, urldate = {2021-06-16} } Unveiling JsOutProx: A New Enterprise Grade Implant
JSOutProx
2019-12-09YoroiYoroi
@online{yoroi:20191209:analysis:0260785, author = {Yoroi}, title = {{Analysis Run}}, date = {2019-12-09}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5deea91bac2ea1dcf5337ad8/5deead588a4518a7074dc6e6/overview}, language = {English}, urldate = {2020-01-06} } Analysis Run
SNC
2019-09-24YoroiAntonio Farina, Luca Mella
@online{farina:20190924:or:901ce1d, author = {Antonio Farina and Luca Mella}, title = {{APT or not APT? What's Behind the Aggah Campaign}}, date = {2019-09-24}, organization = {Yoroi}, url = {https://yoroi.company/research/apt-or-not-apt-whats-behind-the-aggah-campaign/}, language = {English}, urldate = {2021-06-16} } APT or not APT? What's Behind the Aggah Campaign
Azorult
2019-07-18Github (ZLab-Cybaze-Yoroi)ZLab-Cybaze-Yoroi
@online{zlabcybazeyoroi:20190718:zlab:b81caef, author = {ZLab-Cybaze-Yoroi}, title = {{ZLab - LooCipher Decryption Tool}}, date = {2019-07-18}, organization = {Github (ZLab-Cybaze-Yoroi)}, url = {https://github.com/ZLab-Cybaze-Yoroi/LooCipher_Decryption_Tool}, language = {English}, urldate = {2020-01-07} } ZLab - LooCipher Decryption Tool
looChiper
2019-07-02YoroiAntonio Farina, Antonio Pirozzi, Luca Mella
@online{farina:20190702:loocipher:3ec598c, author = {Antonio Farina and Antonio Pirozzi and Luca Mella}, title = {{LooCipher: The New Infernal Ransomware}}, date = {2019-07-02}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/loocipher-the-new-infernal-ransomware/}, language = {English}, urldate = {2022-02-02} } LooCipher: The New Infernal Ransomware
looChiper
2019-06-08YoroiLuigi Martire, Davide Testa, Luca Mella, ZLAB-Yoroi
@online{martire:20190608:evolution:c9d130c, author = {Luigi Martire and Davide Testa and Luca Mella and ZLAB-Yoroi}, title = {{The Evolution of Aggah: From Roma225 to the RG Campaign}}, date = {2019-06-08}, organization = {Yoroi}, url = {https://yoroi.company/research/the-evolution-of-aggah-from-roma225-to-the-rg-campaign/}, language = {English}, urldate = {2021-06-16} } The Evolution of Aggah: From Roma225 to the RG Campaign
Revenge RAT
2019-05-29YoroiDavide Testa, Antonio Farina, Luca Mella
@online{testa:20190529:ta505:07b59dd, author = {Davide Testa and Antonio Farina and Luca Mella}, title = {{TA505 is Expanding its Operations}}, date = {2019-05-29}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/ta505-is-expanding-its-operations/}, language = {English}, urldate = {2021-06-16} } TA505 is Expanding its Operations
RMS
2019-05-16YoroiLuigi Martire, Davide Testa, Antonio Pirozzi, Luca Mella
@online{martire:20190516:stealthy:930aa98, author = {Luigi Martire and Davide Testa and Antonio Pirozzi and Luca Mella}, title = {{The Stealthy Email Stealer in the TA505 Arsenal}}, date = {2019-05-16}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/the-stealthy-email-stealer-in-the-ta505-arsenal/}, language = {English}, urldate = {2019-10-14} } The Stealthy Email Stealer in the TA505 Arsenal
TA505
2019-04-18YoroiZLAB-Yoroi
@online{zlabyoroi:20190418:apt28:709f72a, author = {ZLAB-Yoroi}, title = {{APT28 and Upcoming Elections: Evidence of Possible Interference (Part II)}}, date = {2019-04-18}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/apt28-and-upcoming-elections-possible-interference-signals-part-ii/}, language = {English}, urldate = {2022-03-14} } APT28 and Upcoming Elections: Evidence of Possible Interference (Part II)
Seduploader
2019-04-09YoroiLuigi Martire, Luca Mella
@online{martire:20190409:limerat:90dd4a3, author = {Luigi Martire and Luca Mella}, title = {{LimeRAT spreads in the wild}}, date = {2019-04-09}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/limerat-spreads-in-the-wild/}, language = {English}, urldate = {2022-02-02} } LimeRAT spreads in the wild
LimeRAT